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Amendments to the Soccificati n 
Please replace the paragraph on Page 2, lines 8-21 with the following marked-up replacement 
paragraph: 

- With the wide-spread use of SSL (Secure Sockets Layer) and certifiable digital 
certificates for providing security in today's PC-based computing environments, there is a desire 
to use a client certificate as the basis for a "single system log on" to all of a user's Internet-based 
applications. This includes applications that provide access to legacy host applications and/or 
data such as IBM's Host-On-Demand, Personal Communications, and Host Publisher products- 
Digital certificates are used to authenticate entities, as is well known in the art. U> S. Pa tent 

Oiiidi Patent 6.128.738 (serial number 09/064,632, filed 12/10/98), which is tttfcd* 
Ce rt ifica t e titled "Certificate Based Security in SNA Data Flows", teaches a technique whereby 
digital certificates are transported in appropriate Systems Network Architecture ("SNA") data 
flows between a client and a host for identifying the user to the host application, but this existing 
technique requires those host programs which authenticate the user to RACF (or other host 
access control facility) to be modified to use the certificate instead of the traditional userid and 
password. This requires an enterprise to upgrade each of its application subsystems in order to 
achieve the benefits. So for some enterprises, the previous approach may be impractical and 
unacceptable. — 

Please replace the paragraph that begins on Page 1 0, line 1 5 and carries over to Page 1 1 , line 5 
with the following marked-up replacement paragraph: 
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- Fig. 3 illustrates message flows that may be used for authenticating a user by a legacy 
host application according to the prior art. When a user at a client device wishes to work with a 
legacy host application and/or data, the client device must use some form of emulation or 
emulator product to allow communication between the distributed computing environment and 
the host application. In the exainple of Fig. 3, the client is using an emulator product which uses 
the TN3270 emulation protocol. The TN3270 protocol is used to provide emulation of the "3270 
data stream", as is well known to those familiar with the art The 3270 data stream is frequently 
used for information transfer to and from legacy host applications, and is so named because it was 
originally designed for use with IBM Model [[3270]] 327x client workstations. ~ 

Please replace the paragraph on Page 1 1 ? lines 6-12 with the following marked-up replacement 
paragraph: 

- Note that while the examples describing the present invention are discussed with 
reference to the 3270 data stream format, this is for purposes of illustration and not of limitation. 
Other data stream formats may be used alternatively. Another commonly used data stream format 
for communicating with legacy host applications is referred to as a "5250 data stream",, originally 
designed for communicating with IBM Model [(5250]] 525x workstations. The TN5250 
emulation protocol is used with a 5250 data stream Yet another commonly used data stream is 
an ASCII data stream, commonly referred to as a <r Virtual TerminaT or A *VT" data stream. - 
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